Secure expandable advertisements using an API and cross-domain communications

ABSTRACT

A system to present secure expandable advertisements using an API and cross-domain communication. A content publishing system that hosts a website can implement an expandable advertisement using IFRAMEs that are expanded upon receiving an API call from a third party rich media vendor that hosts the expandable advertisement when the content publishing system and the third party media vendor are of differing domains.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.13/867,630, filed on Apr. 22, 2013, now U.S. Pat. No. 10,104,052, issuedon Oct. 16, 2018; which is a continuation of U.S. patent applicationSer. No. 12/716,022, filed on Mar. 2, 2010, now U.S. Pat. No. 8,452,710,issued on May 28, 2013; which claims the benefit of U.S. PatentApplication Ser. No. 61/291,792, filed on Dec. 31, 2009; the disclosuresof all of these applications and patents are incorporated by referenceherein.

COPYRIGHT NOTICE

A portion of the disclosure of this patent document contains materialthat is subject to copyright protection. The copyright owner has noobjection to the facsimile reproduction by anyone of the patent documentor the patent disclosure, as it appears in the Patent and TrademarkOffice patent files or records, but otherwise reserves all copyrightrights whatsoever. The following notice applies to the software and dataas described below and in the drawings that forma part of this document:Copyright 2010, eBay Inc., All Rights Reserved.

TECHNICAL FIELD

Various embodiments relate generally to the field of online advertising,and in particular, but not by way of limitation, to methods and systemsenabling the display of secure expandable advertising using anapplication programming interface (“API”) and cross-domaincommunications.

BACKGROUND

Online advertisements generate the revenue supporting many contentpublishers. Rich media advertising, advertising beyond static textadvertisements, represents a key and growing segment in the onlineadvertising market. Industry analysts estimate that spending on richmedia advertising in the United States will increase 400% to $5.1billion USD in 2013, while spending on traditional non-rich static textads will decrease by 22% in the same period. Similarly, analystsestimate that by 2012 more than half of European advertisement spendingwill purchase rich media advertisements, while traditional non-richstatic text ads will decrease to just 15% of advertising spending.

The expandable advertisement, an advertisement that possesses theability to expand and collapse its viewable area as triggered bypredefined events, has emerged as a popular form of rich mediaadvertising. Current implementations of expandable advertisements exposethe content publishers' computer systems to security risks and may notbe scalable. Implementation techniques commonly include utilizing “framebuster” javascript files to allow cross domain communication between aparent page and an IFRAME page of different domains.

BRIEF DESCRIPTION OF THE DRAWINGS

Some embodiments are illustrated by way of example and not limitation inthe figures of the accompanying drawings in which:

FIG. 1 is a block diagram of a system for displaying expandableadvertisements, according to an example embodiment.

FIG. 2A is screenshot of a website with an advertisement banner in acollapsed form.

FIG. 2B is a screenshot of a website with an advertisement banner in anexpanded form.

FIG. 3 is a block diagram of the components of a website with anexpandable advertisement and the supporting backend business modules,according to an example embodiment.

FIG. 4 is an interaction diagram illustrating the expansion of anadvertisement, according to an example embodiment.

FIG. 5 is a screenshot of ancillary data associated with an expandableadvertisement, according to an example embodiment.

FIG. 6 is an interaction diagram illustrating security procedures,according to an example embodiment.

FIG. 7 is a block diagram of a machine in the example form of a computersystem within which a set instructions, for causing the machine toperform any one or more of the methodologies discussed herein, may beexecuted.

DETAILED DESCRIPTION

Example methods and systems for supporting secure expandableadvertisements using an API and cross-domain communications aredescribed. In the following description, for purposes of explanation,numerous specific details are set forth in order to provide a thoroughunderstanding of some example embodiments. It will be evident, however,to one skilled in the art that the present invention may be practicedwithout these specific details. As used herein, the term “or” may beconstrued in an inclusive and exclusive sense.

Rich media advertising includes advertising beyond static textadvertisements, such as, but not limited to, banners, videos, images,animation, advertisements displaying dynamic motion or changes inappearance over time and other interactive media. A popularlyinstantiated type of rich media advertisement is the expandableadvertisement. An expandable advertisement may be any advertisement thatpossesses the ability to expand and collapse its viewable area as causedby predefined trigger events. In an example embodiment of an expandableadvertisement, a banner advertisement can expand from its original sizeto encompass any amount of the viewable area or collapse back to theoriginal dimensions of a standard banner advertisement.

Implementing expandable advertisements introduces technical challengesto content publishers which often present both the content that attractthe attention of advertising audiences and the expandable advertisement.One challenge is the technical implementation of how to securely presentthe expandable advertisement in a manner that permits expansion andcollapse of the viewable area. Another challenge is how to securelyimplement the logic that enables the expansion or collapse of theexpandable advertisement. Security issues may arise because of where thelogic controlling the expandable advertisement is located. If theexpandable advertisement logic is located with a third party, then thewebpage host referencing the expandable advertisement has no controlover the advertisement and its logic, which may put a webpage viewer atrisk. If the expandable advertisement logic is stored with the webpagehost, then the webpage host must inspect each piece of logic and mayexpose its own systems to risk. In one example embodiment, the firstchallenge is addressed by locating the expandable advertisement in anIFRAME element of the parent page. An IFRAME, or inline frame, enablesembedding of another HTML document within the framework of an existingHTML document structure. This implementation may provide a layer ofsecurity, as modern browsers restrict an HTML document within an IFRAMEfrom accessing data presented on the parent page or from communicatingwith the parent page when the IFRAME HTML document and parent page areof different domains. In an example embodiment, the IFRAME embeds anHTML document hosted on the content provider domain that referencesadvertising content hosted on a third party rich media vendor domain. Inanother embodiment, the IFRAME embeds an HTML document hosted on a thirdparty rich media vendor domain, which also hosts referenced content.

Because cross domain communication between a parent HTML document andthe embedded document of an IFRAME of the parent HTML document cannotoccur directly, prior art solutions addressing the second problemutilize a variety of methods, including referencing a “frame buster”file that serves as an intermediary. The “frame buster” file, which maybe javascript, an executable or a set of instructions, recognizestriggering events, which may be events that occur on the contentpublisher's page or sensed by an expandable advertisement, and triggersexpansion of the expandable advertisement. In a prior art solution, thecontent publisher hosts the “frame buster” file, which may be created bythe third party rich media vendor. However, hosting the “frame buster”file, and potentially other third party files, could introduce thecontent publisher to security risks. Maintaining proper system securitymay demand inspection of each submitted third party file and may resultin a non-scalable solution. In another prior art solution, the thirdparty vendor hosts the “frame buster” file, and potentially all the richmedia content files. This prior art solution provides the third partyvendor control over when to expand or collapse the rich mediaadvertisement. This solution potentially mitigates the scalabilityissues mentioned above, but may expose the content publisher website toan unchecked “frame buster” file that could expose visitors to thecontent publisher's site to malware, unknown inspection of their cookiesor other intrusive actions. This solution may also expose sensitiveinformation of the parent page and complicate usage tracking for thecontent publisher.

In one embodiment, advertisements can be expanded securely by presentinga webpage with an IFRAME that contains an HTML document that referencesa content piece, such as an advertisement, hosted on a third partydomain and expanding the displayable area of the content piece uponreceiving an API call from the third party. Because the advertisement isexpanded upon an API call, no third party logic to expand theadvertisement needs to be hosted with the content publisher website. Inaddition, the content publisher website and visitors to the contentpublisher's website are not exposed to logic hosted by the third partyvendor. Therefore, by expanding the advertisement IFRAME by an API callmitigates potential security risks.

FIG. 1 is a block diagram of a system for displaying expandableadvertisements, according to an example embodiment. The system fordisplaying expandable advertisements 100 contains a content publishersystem 102. The content publisher system 102 hosts and presentspublisher content and implements the infrastructure that supports thepresentation of content from a third party rich media vendor 104. Thethird party rich media vendor 104 hosts an third party advertisementapplication 106 that manages access to an expandable advertisement 108.The third party advertisement application 106 may be a collection ofapplications, each implementing a functionality supporting the thirdparty rich media vendor's 104 expandable advertisement 108. In anexample embodiment, the content publisher system 102 may be anapplication server supporting a website with an IFRAME that contains anexpandable advertisement 108.

A client machine 110 may be, but is not limited to, a personal computer,cell phone, mobile device or machine capable of launching a web client112. A web client 112 may be, but is not limited to, Microsoft InternetExplorer®, Safari®, or a graphical web browser. The client machine 110runs a web client 112 which may access the publisher content and thethird party expandable advertisement 108 through a network 114, such asa communications network as embodied by the internet, and then presentthe accessed content through the web client 112.

The content publisher system 102 distributes content through a webserver 116. The web server 116 accesses an application server 118, suchas, but not limited to, an Apache application Server®. The applicationserver 118 hosts various applications that control and prepare thepresentation of data, including, but not limited to, a contentgeneration application 120 and an expandable advertisement application122.

The content generation application 120 assists in the presentation ofpublisher content. The content generation application 120 accesses adatabase server 124 that queries a database 126 to extract content andprovide it to the web server 116. Content gathered from the web server116 and the third party advertisement application 106 are communicatedto the client machine's 110 web client 112 to render a web pagecontaining the expandable advertisement 108 and publisher content. In anexample embodiment, the content generation application 120 communicatesand presents data accessed from the database server 124 and the database126 to the web server 116 in the form of an HTML document. The HTMLdocument may contain an IFRAME which itself contains an HTML documentreferencing data accessed through the third party advertisementapplication 106. In an example embodiment, the publisher content system102 and the third party rich media vendor 104 reside on differentdomains.

The expandable rich media advertisement 108 presented by the web client112 is expanded or collapsed by calls to an expandable advertisement API109 of the content publisher system 102. Calls to the expandableadvertisement API 109 are made by the third party advertisementapplication 106 and transmitted through the network 114, which causesthe application server 118 to invoke functionality of an expandableadvertisement application 122. The expandable advertisement application122 expands or collapses the expandable rich media advertisement 108presented on the web client 112. This may be accomplished by theexpandable advertisement application 122 communicating with the webclient 112 to expand an IFRAME. In an example embodiment, the call tothe expandable advertisement API 109 includes parameter arguments, suchas dimensions and identification information, which are passed to theexpandable advertisement application 122 as input. In an exampleembodiment, the call to the expandable advertisement API 109 results inthe expansion or collapse of the expandable advertisement 108 displayedat the web client 112, which can be achieved by, for example, acting asan intermediary between the parent page and the expandable advertisementdomains to communicate with the parent page domain to resize the IFRAMEcontaining the expandable advertisement, re-rendering of the main page,using third party software such as Adobe Flash or by exposing previouslyhidden elements.

A content publisher hosting the expandable advertisement API 109 maydistribute API specifications to enable third parties, such as anadvertising network, advertising agency or rich media vendor 104, toproperly make calls to the expandable advertisement API 109. In anexample embodiment, the content publisher system 102 may capture, shareand decide upon ancillary data relating to the third party advertisementcampaign and the expandable advertisement 108, such as the type ofcontent provided, the dimensions and direction in which to expand theexpandable rich media advertisement 108 and other configurationpreferences, such as whether expansion is enabled and whether it shouldbe expanded upon loading. Such ancillary information may be stored inthe database 126 and utilized by the expandable advertisementapplication 120 to verify a call to the API server 109 or to control theexpansion or collapse of an advertisement. For example, a call may bemade to the expandable advertisement API 108 with arguments detailingthe direction and dimension in which to expand an advertisement. Thearguments may be compared against ancillary data defining thepermissible directions and dimensions in which the advertisement may beexpanded. If the arguments are compatible with the ancillary data, theadvertisement may then be expanded according to the provided directionsand dimensions.

TABLE 1 IAB Guidelines for Rich Media Expandables Format CategoryExpandable Ads Format (W × H) User-initiated Expandable Ads: See IAB AdUnit Guidelines. Landing Spots: Maximum width of 2X the initial ad size*Max Initial Load File Size * 40 KB Add'l File Weight (Polite 80 KBDownload) Flash Specifics 18 fps Audio Initiation User Initiated (onclick) Maximum Animation Length Anything up to 15 seconds ControlsControl = “Close X” Font = 16 pt Location = On Edge of Original(non-expanded/expanded) unit Feature = Enable Mouse-Off Retraction WebSite Labeling & Other Label = “Advertisement” Font = 16 pt Items

In one embodiment, the specifications related to the operation andpresentation of the expandable advertisement 108 may adhere toInteractive Advertising Bureau (“IAB”) guidelines as exemplified inTable 1. Parameters and ancillary information may describe expandableadvertisement controls, the triggering event, the trigged action, visualeffects such as color and font, and other parameters as permitted by IABguidelines.

A content publisher system 102 serving rich media expandableadvertisement may utilize targeting, tracking and reporting services. Inan example embodiment, tracking may include recording advertisement dataon the level of a campaign, placement or message. Tracking metrics mayinclude recording the number of advertisements served, the number ofadvertisements expanded, the number of advertisements collapsed, eachincident of violation with the URL or other data accessible to theexpandable advertisement API 109.

FIG. 2A is a screenshot of a website with an advertisement banner in acollapsed form 202. FIG. 2B is a screenshot of a website with anadvertisement banner in an expanded form 204, as represented byexpanding the advertisement banner of 202. In an example embodiment, amouse click on the banner, movement of the mouse over the banner, orsome other trigger event causes the collapsed banner 202 to expand intothe expanded banner 204. Additionally, a second mouse click on thebanner, movement of the mouse over the banner or other trigger event maycollapse the expanded banner 204 to the collapsed banner 202.

FIG. 3 is a block diagram 300 of the components of a website with anexpandable advertisement and the supporting backend business modules,according to an example embodiment. The main page 302 is the parent HTMLdocument presented to the web client 112. The main page 302 comprises ofpublisher content 306, such as, but not limited to, articles, images andtext, and an expandable advertisement 108 contained within an IFRAME 304of the main page 302. In an example embodiment, the expandableadvertisement 108 is hosted from a domain of a third party rich mediavendor separate from the content publisher domain. The expandableadvertisement 108 may possess an interaction module 310 and a messagingmodule 312. In an example embodiment, the interaction module 310monitors for interaction input that triggers the expansion of expandableadvertisement 108. Example interactions may include, but are not limitedto, a mouse click on the expandable advertisement 108, the rolling of apointer over a certain portion of the presented webpage, the loading ofthe advertisement or a predefined event. When an event triggering theexpansion of the expandable advertisement 108 occurs the interactionmodule 310 detects it and initiates a messaging module 312. Themessaging module 312 makes a call to an expandable advertisement API 309which results in the expandable advertisement 108 to expand its displayarea to 314. In an example embodiment, the call to the expandableadvertisement API 309 results in the expansion or collapse of theexpandable advertisement, which can be achieved by, for example, actingas an intermediary between the parent page and the expandableadvertisement domains to communicate with the parent page domain toresize the IFRAME containing the expandable advertisement, re-renderingof the main page, using third party software such as Adobe Flash or byexposing previously hidden elements.

FIG. 4 is an interaction diagram 400 illustrating the expansion of anadvertisement, according to an example embodiment. At operation 402 aweb client 112 requests a webpage from a web server 116. In an exampleembodiment, the request is made using the hyper text transfer protocoland the webpage may include HTML, text, images, and other ancillaryinformation. The web server 116 responds by fetching webpage data atoperation 404 in a query to a database server 124. The database server124 determines the required publisher content and advertisement data andrequests the data from a database 126 at operation 406. Elements of theadvertisement data may be provided to the content publisher when settingup the advertisement account. At operation 408 the database server 124retrieves the requested information from the database 126. In an exampleembodiment, the webpage data, as represented by publisher content andadvertisement data, may include content files embodying the content andadvertisements, such as HTML, text, images, metadata and other ancillaryinformation and files, such as a security token, as shown in operation410. The required data is loaded in response to the original databaseserver query at operation 412 and then sent to the web server 116 as aresponse message at operation 414, where it is transmitted to the webclient 112 in the form of an operation transmitting a webpage 416.

In an example embodiment, a security token is a unique identifieridentifying an expandable advertisement presented by the third partyrich media vendor 104. The security token may be a static constant overtime identifying an advertising campaign, a type of advertisement, arich media vendor or an event or party, or the token may be dynamicallygenerated and identify a particular instantiation of an advertisement.In an example embodiment, a security token may be a string, GUID orfile.

At operation 420 the web client 112 analyzes the received webpage data416 and, if required, creates the IFRAMEs defined in the webpage data.At operation 422, the HTML document embedded in each of the IFRAMEs isrequested from a third party rich media vendor 104. In an exampleembodiment, the webpage data 416 may define multiple expandableadvertisements, each hosted by a different third party rich media vendor104 and each requiring a separate IFRAME. The data request to the thirdparty rich media vendor 104 for each IFRAME may also include theidentifying security token, as generated in operation 410. The thirdparty rich media vendor 104 responds at operation 424 by sendingadvertisement HTML and data to the web client 112 and associates anyreceived security token with a particular instance of the expandableadvertisement.

At operation 426 an event or action originating from the web client 112triggers the expansion or collapse of an expandable advertisement. Thethird party rich media vendor 104 receives notification of thetriggering event and makes a call to an expandable advertisement API 109to expand or collapse the expandable advertisement at operation 428. Inan example embodiment, the security token associated with the expandablerich media advertisement to be expanded or collapsed during the initialgeneration and fetching of the advertisement IFRAME at operations 410and 422, is sent with the call to the expandable advertisement API 109.This security token identifies that the party calling the expandableadvertisement API 109 to collapse or expand the advertisement is a partyassociated with the advertisement to be expanded. This security measureprevents parties unassociated with the expandable advertisement frominfluencing the presentation of the expandable advertisement. In anexample embodiment, the third party rich media vendor 104 may alsotransmit ancillary data with the call to the expandable advertisementAPI 109. Ancillary data may include metadata information relating to thethird party advertisement campaign and the expandable advertisement,such as the type of content provided, the dimensions and direction inwhich to expand the expandable advertisement and other configurationpreferences such as whether expansion is enabled and whether it shouldbe expanded upon loading. The ancillary information transmitted with thecall to the expandable advertisement API 109 may then influence theexpansion or collapse of the expandable advertisement, such as thedimension or direction, and it may further be verified against ancillarydata stored in the database server 124 as an additional security check.

At operation 430 the expandable advertisement API 109 verifies thevalidity of the expansion request with the web server 116. In an exampleembodiment, the security token and ancillary data sent by a third partyrich media vendor 104 along with the request for expansion/collapse iscompared with the data stored in the database 126. If the value of thesecurity token sent with the call to the expandable advertisement API109 matches the token provided to the third party rich media vendor 104at operation 422, then the request to expand/collapse is verified. Inaddition, if ancillary data, such as the shape and dimension ofcollapse/expansion match or are compatible with the parameters stored inthe database 126, the request to expand/collapse is verified.

After verification of the request to expand/collapse at operation 430,the web server 116 transmits data and instructions to expand/collapsethe expandable advertisement presented in the web client 112 atoperation 432. In an example embodiment, this may be accomplished by,but is not limited to, acting as an intermediary between the parent pageand the expandable advertisement domains to communicate with the parentpage domain to resize the IFRAME containing the expandableadvertisement, re-rendering of the main page, using third party softwaresuch as Adobe Flash or by exposing previously hidden elements.

At operation 432 the web server 116 will store to the database 126tracking information relating to the expandable advertisement. In anexample embodiment, tracking may include recording advertisement data onthe level of a campaign, placement or message. Tracking metrics mayinclude recording the number of advertisements served, the number ofadvertisements expanded, the number of advertisements collapsed, eachincident of violation with the URL or other data accessible to theexpandable advertisement AP.

In an example embodiment, the expandable advertisement API 109 is apartial implementation of the OpenAjax Hub API. The Open Ajax API can beused to tell a parent page to either expand or collapse an IFRAME. In anexample embodiment, the parent page determines if a request to expand orcollapse the IFRAME follows the specifications defined below. In anexample embodiment, a call to the expandable advertisement API requires:

-   -   1. A reference to a JavaScript library developed by the content        publisher system    -   2. Parameters which describe the type of expansion or collapse    -   3. A call to the OpenAjax publish( ) method with the defined        parameters

The publish( ) method can be called by a third party rich media vendorto both expand and collapse an IFRAME. The third party rich media vendordetermines when to tell the parent page to expand or collapse theIFRAME. In an example embodiment, the specified width, height, anddirection passed to the expandable advertisement API 109 must match aresolution and expansion direction supported by the content publishersystem, which may be stored as pre-determined values in the database126.

In an example embodiment, the expandable advertisement can automaticallydetect the best direction for expansion based on the higher level page'ssize, IFRAME location, and where a user has scrolled.

FIG. 5 is a screenshot of ancillary data 500 associated with anexpandable advertisement, according to an example embodiment. Asillustrated, ancillary data may describe logging features, the directionto expand the expandable advertisement, the total dimensions of theexpanded and collapsed advertisement, whether to expand theadvertisement upon loading and other parameters.

FIG. 6 is an interaction diagram 600 illustrating security procedures,according to an example embodiment. At operation 610 a higher level page602 of domain A requests advertisement placement data from a databaseserver of domain B 604. In an example embodiment, both the higher levelpage 602 and the database server 604 may be operated by the same contentpublisher. At operation 612 the database server 602 retrievesadvertisement placement data and transmits it to the higher level page602. In an example embodiment, the advertisement placement data may beancillary data regarding each advertisement placement. At operation 614a security token is generated for each advertisement. The advertisementvendor 606 receives a call at 616 to fetch advertisement data, such asimage and flash files. This call results in the web client loadingadvertisement data and the initiation of the click and mouse listeners.A trigger event occurs at operation 618 when a click or mouse movementtriggers expansion or collapse of an expandable advertisement. Thiscauses advertiser integration code 608, which may be code customdesigned to interact with the higher level page 602, to make an API callto expand or collapse the IFRAME which contains the triggered expandableadvertisement. The advertiser integration code 608 also may send thesecurity token associated with the expandable advertisement to beexpanded or collapsed as verification. At operation 620 the API requestis parsed, syntax checked, and the security token validated before thehigher level page 602 expands the IFRAME.

Modules, Components and Logic

Certain embodiments are described herein as including logic or a numberof components, modules, or mechanisms. Modules may constitute eithersoftware modules (e.g., code embodied on a machine-readable medium or ina transmission signal) or hardware modules. A hardware module is atangible unit capable of performing certain operations and may beconfigured or arranged in a certain manner. In example embodiments, oneor more computer systems (e.g., a standalone, client or server computersystem) or one or more hardware modules of a computer system (e.g., aprocessor or a group of processors) may be configured by software (e.g.,an application or application portion) as a hardware module thatoperates to perform certain operations as described herein.

In various embodiments, a hardware module may be implementedmechanically or electronically. For example, a hardware module maycomprise dedicated circuitry or logic that is permanently configured(e.g., as a special-purpose processor, such as a field programmable gatearray (FPGA) or an application-specific integrated circuit (ASIC)) toperform certain operations. A hardware module may also compriseprogrammable logic or circuitry (e.g., as encompassed within ageneral-purpose processor or other programmable processor) that istemporarily configured by software to perform certain operations. Itwill be appreciated that the decision to implement a hardware modulemechanically, in dedicated and permanently configured circuitry, or intemporarily configured circuitry (e.g., configured by software) may bedriven by cost and time considerations.

Accordingly, the term “hardware module” should be understood toencompass a tangible entity, be that an entity that is physicallyconstructed, permanently configured (e.g., hardwired) or temporarilyconfigured (e.g., programmed) to operate in a certain manner and/or toperform certain operations described herein. Considering embodiments inwhich hardware modules are temporarily configured (e.g., programmed),each of the hardware modules need not be configured or instantiated atany one instance in time. For example, where the hardware modulescomprise a general-purpose processor configured using software, thegeneral-purpose processor may be configured as respective differenthardware modules at different times. Software may accordingly configurea processor, for example, to constitute a particular hardware module atone instance of time and to constitute a different hardware module at adifferent instance of time.

Hardware modules can provide information to, and receive informationfrom, other hardware modules. Accordingly, the described hardwaremodules may be regarded as being communicatively coupled. Where multipleof such hardware modules exist contemporaneously, communications may beachieved through signal transmission (e.g., over appropriate circuitsand buses) that connect the hardware modules. In embodiments in whichmultiple hardware modules are configured or instantiated at differenttimes, communications between such hardware modules may be achieved, forexample, through the storage and retrieval of information in memorystructures to which the multiple hardware modules have access. Forexample, one hardware module may perform an operation, and store theoutput of that operation in a memory device to which it iscommunicatively coupled. A further hardware module may then, at a latertime, access the memory device to retrieve and process the storedoutput. Hardware modules may also initiate communications with input oroutput devices, and can operate on a resource (e.g., a collection ofinformation).

The various operations of example methods described herein may beperformed, at least partially, by one or more processors that aretemporarily configured (e.g., by software) or permanently configured toperform the relevant operations. Whether temporarily or permanentlyconfigured, such processors may constitute processor-implemented modulesthat operate to perform one or more operations or functions. The modulesreferred to herein may, in some example embodiments, compriseprocessor-implemented modules.

Similarly, the methods described herein may be at least partiallyprocessor-implemented. For example, at least some of the operations of amethod may be performed by one or processors or processor-implementedmodules. The performance of certain of the operations may be distributedamong the one or more processors, not only residing within a singlemachine, but deployed across a number of machines. In some exampleembodiments, the processor or processors may be located in a singlelocation (e.g., within a home environment, an office environment or as aserver farm), while in other embodiments the processors may bedistributed across a number of locations.

The one or more processors may also operate to support performance ofthe relevant operations in a “cloud computing” environment or as a“software as a service” (SaaS). For example, at least some of theoperations may be performed by a group of computers (as examples ofmachines including processors), these operations being accessible via anetwork (e.g., the Internet) and via one or more appropriate interfaces(e.g., Application Program Interfaces (APIs).)

Electronic Apparatus and System

Example embodiments may be implemented in digital electronic circuitry,or in computer hardware, firmware, software, or in combinations of them.Example embodiments may be implemented using a computer program product,e.g., a computer program tangibly embodied in an information carrier,e.g., in a machine-readable medium for execution by, or to control theoperation of, data processing apparatus, e.g., a programmable processor,a computer, or multiple computers.

A computer program can be written in any form of programming language,including compiled or interpreted languages, and it can be deployed inany form, including as a stand-alone program or as a module, subroutine,or other unit suitable for use in a computing environment. A computerprogram can be deployed to be executed on one computer or on multiplecomputers at one site or distributed across multiple sites andinterconnected by a communication network.

In example embodiments, operations may be performed by one or moreprogrammable processors executing a computer program to performfunctions by operating on input data and generating output. Methodoperations can also be performed by, and apparatus of exampleembodiments may be implemented as, special purpose logic circuitry,e.g., a field programmable gate array (FPGA) or an application-specificintegrated circuit (ASIC).

The computing system can include clients and servers. A client andserver are generally remote from each other and typically interactthrough a communication network. The relationship of client and serverarises by virtue of computer programs running on the respectivecomputers and having a client-server relationship to each other. Inembodiments deploying a programmable computing system, it will beappreciated that that both hardware and software architectures requireconsideration. Specifically, it will be appreciated that the choice ofwhether to implement certain functionality in permanently configuredhardware (e.g., an ASIC), in temporarily configured hardware (e.g., acombination of software and a programmable processor), or a combinationof permanently and temporarily configured hardware may be a designchoice. Below are set out hardware (e.g., machine) and softwarearchitectures that may be deployed, in various example embodiments.

Example Machine Architecture and Machine-Readable Medium

FIG. 7 is a block diagram of machine in the example form of a computersystem 700 within which instructions, for causing the machine to performany one or more of the methodologies discussed herein, may be executed.In alternative embodiments, the machine operates as a standalone deviceor may be connected (e.g., networked) to other machines. In a networkeddeployment, the machine may operate in the capacity of a server or aclient machine in server-client network environment, or as a peermachine in a peer-to-peer (or distributed) network environment. Themachine may be a personal computer (PC), a tablet PC, a set-top box(STB), a Personal Digital Assistant (PDA), a cellular telephone, a webappliance, a network router, switch or bridge, or any machine capable ofexecuting instructions (sequential or otherwise) that specify actions tobe taken by that machine. Further, while only a single machine isillustrated, the term “machine” shall also be taken to include anycollection of machines that individually or jointly execute a set (ormultiple sets) of instructions to perform any one or more of themethodologies discussed herein.

The example computer system 700 includes a processor 702 (e.g., acentral processing unit (CPU), a graphics processing unit (GPU) orboth), a main memory 704 and a static memory 706, which communicate witheach other via a bus 708. The computer system 700 may further include avideo display unit 710 (e.g., a liquid crystal display (LCD) or acathode ray tube (CRT)). The computer system 700 also includes analphanumeric input device 712 (e.g., a keyboard), a user interface (UI)navigation device 714 (e.g., a mouse), a disk drive unit 716, a signalgeneration device 718 (e.g., a speaker) and a network interface device720.

Machine-Readable Medium

The disk drive unit 716 includes a machine-readable medium 722 on whichis stored one or more sets of instructions and data structures (e.g.,software) 724 embodying or utilized by any one or more of themethodologies or functions described herein. The instructions 724 mayalso reside, completely or at least partially, within the main memory704 and/or within the processor 702 during execution thereof by thecomputer system 700, the main memory 704 and the processor 702 alsoconstituting machine-readable media.

While the machine-readable medium 722 is shown in an example embodimentto be a single medium, the term “machine-readable medium” may include asingle medium or multiple media (e.g., a centralized or distributeddatabase, and/or associated caches and servers) that store the one ormore instructions or data structures. The term “machine-readable medium”shall also be taken to include any tangible medium that is capable ofstoring, encoding or carrying instructions for execution by the machineand that cause the machine to perform any one or more of themethodologies of the present invention, or that is capable of storing,encoding or carrying data structures utilized by or associated with suchinstructions. The term “machine-readable medium” shall accordingly betaken to include, but not be limited to, solid-state memories, andoptical and magnetic media. Specific examples of machine-readable mediainclude non-volatile memory, including by way of example semiconductormemory devices, e.g., Erasable Programmable Read-Only Memory (EPROM),Electrically Erasable Programmable Read-Only Memory (EEPROM), and flashmemory devices; magnetic disks such as internal hard disks and removabledisks; magneto-optical disks; and CD-ROM and DVD-ROM disks.

Transmission Medium

The instructions 724 may further be transmitted or received over acommunications network 726 using a transmission medium. The instructions724 may be transmitted using the network interface device 720 and anyone of a number of well-known transfer protocols (e.g., HTTP). Examplesof communication networks include a local area network (“LAN”), a widearea network (“WAN”), the Internet, mobile telephone networks, Plain OldTelephone (POTS) networks, and wireless data networks (e.g., WiFi andWiMax networks). The term “transmission medium” shall be taken toinclude any intangible medium that is capable of storing, encoding orcarrying instructions for execution by the machine, and includes digitalor analog communications signals or other intangible media to facilitatecommunication of such software.

Although an embodiment has been described with reference to specificexample embodiments, it will be evident that various modifications andchanges may be made to these embodiments without departing from thebroader spirit and scope of the invention. Accordingly, thespecification and drawings are to be regarded in an illustrative ratherthan a restrictive sense. The accompanying drawings that form a parthereof, show by way of illustration, and not of limitation, specificembodiments in which the subject matter may be practiced. Theembodiments illustrated are described in sufficient detail to enablethose skilled in the art to practice the teachings disclosed herein.Other embodiments may be utilized and derived therefrom, such thatstructural and logical substitutions and changes may be made withoutdeparting from the scope of this disclosure. This Detailed Description,therefore, is not to be taken in a limiting sense, and the scope ofvarious embodiments is defined only by the appended claims, along withthe full range of equivalents to which such claims are entitled.

Such embodiments of the inventive subject matter may be referred toherein, individually and/or collectively, by the term “invention” merelyfor convenience and without intending to voluntarily limit the scope ofthis application to any single invention or inventive concept if morethan one is in fact disclosed. Thus, although specific embodiments havebeen illustrated and described herein, it should be appreciated that anyarrangement calculated to achieve the same purpose may be substitutedfor the specific embodiments shown. This disclosure is intended to coverany and all adaptations or variations of various embodiments.Combinations of the above embodiments, and other embodiments notspecifically described herein, will be apparent to those of skill in theart upon reviewing the above description.

What is claimed is:
 1. A system comprising: one or more processors; andone or more non-transitory machine-readable storage media havinginstructions stored thereon that, in response to being executed by theone or more processors, cause the system to perform operationscomprising: communicating, to a client device, webpage data of a webpagein which the webpage data references a rich media advertisement hostedon a third party system that has a different domain than a contentpublishing system, the webpage data also including a security token thatidentifies the rich media advertisement and the third party system;receiving, from the third party system, an application program interface(API) call that includes the security token and an action instructionregarding performance of an action with respect to the rich mediaadvertisement; authenticating the third party system as being authorizedto provide instructions regarding the rich media advertisement via theAPI call based on verifying that the security token identifies the richmedia advertisement and the third party system; and communicating, tothe client device, the action instruction such that the client deviceperforms the action with respect to the rich media advertisement.
 2. Thesystem of claim 1, wherein receiving the API call is in response to thethird party system receiving a notification of occurrence of atriggering event that occurs at the client device with respect to therich media advertisement.
 3. The system of claim 1, wherein the securitytoken is included in the API call based on the security token beingincluded in a data request for the webpage data that is received by thethird party system from the client device and wherein the data requestincludes the security token based on the webpage data communicated tothe client device including the security token.
 4. The system of claim1, wherein the webpage data includes inline frame data that defines aninline frame and that references the rich media advertisement andwherein the webpage includes the inline frame with the rich mediaadvertisement included therein.
 5. The system of claim 4, wherein theinline frame data references a Hyper Text Markup Language (HTML)document that references the rich media advertisement.
 6. The system ofclaim 1, wherein the authenticating is further based on ancillary datathat is included in the API call and that includes a configuration ofthe rich media advertisement related to the action.
 7. The system ofclaim 1, wherein the operations further comprise storing trackinginformation related to performance of the action with respect to therich media advertisement.
 8. One or more non-transitory machine-readablestorage media having instructions stored thereon that, in response tobeing executed by one or more processors of a system, cause the systemto perform operations comprising: communicating, to a client device,webpage data of a webpage in which the webpage data references a richmedia advertisement hosted on a third party system that has a differentdomain than a content publishing system, the webpage data also includinga security token that identifies the rich media advertisement and thethird party system; receiving, from the third party system, anapplication program interface (API) call that includes the securitytoken and an action instruction regarding performance of an action withrespect to the rich media advertisement; authenticating the third partysystem as being authorized to provide instructions regarding the richmedia advertisement via the API call based on verifying that thesecurity token identifies the rich media advertisement and the thirdparty system; and communicating, to the client device, the actioninstruction such that the client device performs the action with respectto the rich media advertisement.
 9. The one or more machine-readablestorage media of claim 8, wherein receiving the API call is in responseto the third party system receiving a notification of occurrence of atriggering event that occurs at the client device with respect to therich media advertisement.
 10. The one or more machine-readable storagemedia of claim 8, wherein the security token is included in the API callbased on the security token being included in a data request for thewebpage data that is received by the third party system from the clientdevice and wherein the data request includes the security token based onthe webpage data communicated to the client device including thesecurity token.
 11. The one or more machine-readable storage media ofclaim 8, wherein the webpage data includes inline frame data thatdefines an inline frame and that references the rich media advertisementand wherein the webpage includes the inline frame with the rich mediaadvertisement included therein.
 12. The one or more machine-readablestorage media of claim 11, wherein the inline frame data references aHyper Text Markup Language (HTML) document that references the richmedia advertisement.
 13. The one or more machine-readable storage mediaof claim 8, wherein the authenticating is further based on ancillarydata that is included in the API call and that includes a configurationof the rich media advertisement related to the action.
 14. The one ormore machine-readable storage media of claim 8, wherein the operationsfurther comprise storing tracking information related to performance ofthe action with respect to the rich media advertisement.
 15. A methodcomprising: communicating, from a content publishing system to a clientdevice, webpage data of a webpage in which the webpage data references arich media advertisement hosted on a third party system that has adifferent domain than the content publishing system, the webpage dataalso including a security token that identifies the rich mediaadvertisement and the third party system; receiving, from the thirdparty system, an application program interface (API) call that includesthe security token and an action instruction regarding performance of anaction with respect to the rich media advertisement; authenticating thethird party system as being authorized to provide instructions regardingthe rich media advertisement via the API call based on verifying thatthe security token identifies the rich media advertisement and the thirdparty system; and communicating, to the client device, the actioninstruction such that the client device performs the action with respectto the rich media advertisement.
 16. The method of claim 15, whereinreceiving the API call is in response to the third party systemreceiving a notification of occurrence of a triggering event that occursat the client device with respect to the rich media advertisement. 17.The method of claim 15, wherein the security token is included in theAPI call based on the security token being included in a data requestfor the webpage data that is received by the third party system from theclient device and wherein the data request includes the security tokenbased on the webpage data communicated to the client device includingthe security token.
 18. The method of claim 15, wherein the webpage dataincludes inline frame data that defines an inline frame and thatreferences the rich media advertisement and wherein the webpage includesthe inline frame with the rich media advertisement included therein. 19.The method of claim 18, wherein the inline frame data references a HyperText Markup Language (HTML) document that references the rich mediaadvertisement.
 20. The method of claim 15, wherein the authenticating isfurther based on ancillary data that is included in the API call andthat includes a configuration of the rich media advertisement related tothe action.